Weekly overview of the bug-hunting category- week 23, 2019

in #utopian-io6 years ago

This is a report on the weekly contributions to the bug hunting category. The post contains basic stats like the number of contributions received by the category, an excerpt on new contributors if there are any and a detailed comparison of the week's output with previous weeks.

utopian (1).jpg

Previous Reports

2018
2019

Bug hunting contributions summary

Week 21: May 30th - June 6th
  • 49 Contributions, 43 scored higher than 0
  • 1 Ignored post
  • An average score of 63.55
  • 17 unique contributors
  • No Staff Pick
  • No new contributors

Number of reviewed and rewarded contributions

image.png

Average score

image.png

Reports Reviewed By Reviewer

image.png

image.png

So this week we had a total of 49 contributions. That is 10 contributions less than the 59 we had last week. We received 6 reports that were not scored. One was ignored because it was from a banned user, (1). Three were duplicates of either existing issues or issues that were linked by the same root cause - (2,3,4). The other two were scored zero for not conforming to the Utopian guidelines --- (5) - Insignificant and could not be reproduced by either the reviewer or the project owner, (6) - was not acknowledged before submission.

This brings the average to 63.55, greater than last week's average of 61.2. This is better than we've had in the last 3 weeks. Unlike the week before where we had reports that mainly concentrated on the minor features, this week our contributors explored the major components. In contrast, we had reports that tested the security of applications. Take for instance, this find by @blockchainstudio. Apparently, when the master password changes, SteemConnect should delete all existing sessions. This logic was missing in version 2 beta. So with the sessions from your previous pass still active, transactions can still be made from those sessions on your behalf even when you have changed to a new pass.

contributions

There were no double digits this week. @darewealth had the most contributions. Bringing in 8 reports, four of these reports were scored higher than 70. In total, he received an average score of 63. There were good turn outs from @ckole and @harry-heightz, each bringing in 6 reports.

The most active repo this week is still the ACG player. Bringing in a total of 16 reports, last week it stunned us with 28. Is this app just buggy or could this be a rare case of the plague? Same question I asked last week. Well, all I can say with the look of things is - we may not be getting reports from this repo any time soon. It's lost all its juice - thanks to the PO who is forever up to the task, fixing the bugs as fast as they come.

The ACG player is designed with all the basic features of a music player. Well, it has some other cool features like;

  • Playlist.
  • Car mode
  • Data overview
  • UI customizations
  • No bugs

You can look up the repo by following this link - https://github.com/AugustToko/ACG-Player . I repeat, it's out of bug juice

Other project repos that stood out

If you are looking for new applications to explore, here are some repos that stood out this week

  • https://github.com/YahiaAngelo/Karma - Karma is an android social app based on Firebase and built with Android Arch Components and Material Design Guidlines - To an end user, this reads like jargon. So I will list out the application's features
    • It has the same features as other social apps
    • Access to a profile via email and password
    • Search for /Follow and Unfollow any other user.
    • Ability to Add posts with Text, Emoji with/without Pics.
    • Like/Dislike/Comment on any post.
  • https://github.com/tacticalDevC/PanicTrigger- PanicTrigger is an Android app which can help you in case of an emergency situation. In case of an emergency you tap on a big red button which causes the app to send out SMS to your preconfigured contacts without comfirmation. Key features are
    • Triggers an alarm on your friends phone (He/She needs to have this app too)
    • Send last known GPS coordinates within trigger message
    • In case there are no contacts configured call emergency services

And there you have it. Happy hunting :D

Common Mistakes And How To Fix Them

I will be highlighting the common mistakes found this week. I will also be offering tips on how to avoid them in future contributions. The tips will depend solely on the scores received by the contributions in a particular week.

1. Contributions with a score below 40

The severity level of the bug was marked as negligible.

Submission of cosmetic or trivial UI issues (phone orientation, phone locking/unlocking etc.) that have a negligible effect on the functionality of the application may lead to a lower score of your contribution, thus reducing your chances of receiving a reward

  • If what you spotted is a discrepancy in the user interface or just the front end appearance of the software, then it is most probably a trivial bug and would be scored as such. So make sure to look out for this.

  • Also, there are times when a contribution is scored negligible because the expected behavior of a particular feature could still be achieved by a default option. For example - while some third party camera apps may not work when used for uploading within other applications (probably because the PATH for that particular cam app is not set), the default android cam works. It will be particularly stressful and redundant to have the project owner set a unique PATH for every cam application out there. This is one thing a contributor should look out for.

2. Contributions with a score below 60

The contributor made no efforts to pinpoint the cause, or applied incorrect methods in searching for it.

  • To avoid being scored in the questionnaire with this option, I will advise hunters to comb through the app's repo. Search the repo using a keyword related to the affected feature, it could be the name of the function itself. If found, analyze the block of code behind the function's implementation. Check for syntax and logical errors, document your findings.

  • You can attach logcats in your reports for issues that involve a crash. If you don't know to produce one, watch this tutorial for how to.

Other News


This is to inform contributors and the general public that while reports will be accepted to projects outside the whitelist, they will only be reviewed if the issue opened is acknowledged by the project owner or maintainer.

While the new guidelines are yet to be officially announced, bug-hunters and open source enthusiasts looking to help open source projects, please take a look at our whitelist of projects that you can submit bug reports for:

https://docs.google.com/spreadsheets/d/1S7ayFTEy5CBMyeJvFRgq5JUjlqZxFjWAWhhrBL0GC60/edit#gid=1954068373


If you wish to have your open source projects added to our whitelist you can contact us on our help channel at our discord server. You can also leave your questions and comments below :)


Thanks

@fego

Sort:  

This is another well-done report from you!

I liked the details you shared about the category. I also appreciate the tips you provided and think they are useful for current and future contributors.

Thank you!

Your contribution has been evaluated according to Utopian policies and guidelines, as well as a predefined set of questions pertaining to the category.

To view those questions and the relevant answers related to your post, click here.


Need help? Chat with us on Discord.

[utopian-moderator]

Thank you for your review, @tykee! Keep up the good work!

Congratulations @fego! You have completed the following achievement on the Steem blockchain and have been rewarded with new badge(s) :

You distributed more than 4000 upvotes. Your next target is to reach 5000 upvotes.

You can view your badges on your Steem Board and compare to others on the Steem Ranking
If you no longer want to receive notifications, reply to this comment with the word STOP

To support your work, I also upvoted your post!

Vote for @Steemitboard as a witness to get one more award and increased upvotes!

Hi @fego!

Your post was upvoted by @steem-ua, new Steem dApp, using UserAuthority for algorithmic post curation!
Your post is eligible for our upvote, thanks to our collaboration with @utopian-io!
Feel free to join our @steem-ua Discord server

Hey, @fego!

Thanks for contributing on Utopian.
We’re already looking forward to your next contribution!

Get higher incentives and support Utopian.io!
Simply set @utopian.pay as a 5% (or higher) payout beneficiary on your contribution post (via SteemPlus or Steeditor).

Want to chat? Join us on Discord https://discord.gg/h52nFrV.

Vote for Utopian Witness!